
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 14S0 

Alexandria. Virginia 22313-1450 
www.uspto.gov 



1 APPLICATION NO. 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 



10/568,513 



02/15/2006 



30449 7590 U/U/2007- 

SCHMEISER, OLSEN & WATTS 
22 CENTURY HILL DRIVE 
SUITE 302 
LATHAM, NY 121 10 



Yoshinobu Ishigaki 



JP920030171US1 



9590 



EXAMINER 


AVERY, JEREMIAH L 


1 ART UNIT 


PAPER NUMBER 


2131 




MAIL DATE 


DELIVERY MODE 


11/14/2007 


PAPER 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



Office Action Summary 


Application No. 

10/568,513 


Appilcant(s) 

ISHIGAKI ET AL 


CAaiTiiner 
Jeremiah Avery 


Art Unit 
2131 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 

WHICHEVER IS LONGER. FROM THE MAILING DATE OF THIS COMMUNICATION. 
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DETAILED ACTION 



1. 



Claims 1-22 were cancelled in a preliminary amendment. 



2. 



Claims 23-42 were added. 



3. 



Claims 23-42 have been examined. 



Specification 



1. The disclosure is objected to because it contains an embedded hyperlink and/or 
other form of browser-executable code. Applicant is required to delete the embedded 
hyperlink and/or other form of browser-executable code. See MPEP § 608.01 . The 
hyperlinks in question are found on page 2 of the Specification. 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AlPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AlPA (pre-AlPA 35 U.S.C. 102(e)). 



Claim Rejections - 35 USC § 102 
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Claims 23-25, 27-35 and 37-42 are rejected under 35 U.S.C. 102(e) as being 
anticipated by United States Patent No. 6,453,353 to Win et a!., hereinafter Win. 
2. Regarding claim 23, Win teaches a method for providing attribute data, said 
method comprising: 

receiving a request from a user device via a network for a virtual ID token relating to 
attribute information pertaining to a subscriber associated with the user device (Figures 
5A, 5C, column 2, lines 42-67); 

responsive to the request for the virtual ID token, reading a data record from a 
database, said data record comprising L attributes of the subscriber, L being at least 2 
(Figures 5a, 5b and 5e, column 10, lines 14-26 and 41-55, column 11 and lines 42-64); 
providing the data record to the user device via the network (Figures 1 , 2 and 6-8, 
column 5, lines 1-12 and column 26, lines 14-67, "remote computer can load the 
instructions into its dynamic memory and send the instructions over a telephone line via 
a modem" "Communication interface 918 provides a two-way data communication 
coupling to a network link 920 that is connected to a local network 922" and "Network 
link 920 typically provides data communication through one or more networks to other 
data devices");, 

receiving, from the user device via the network, a selection of M attributes of the L 
attributes, M being less than L (Figure 10b, column 26, lines 14-67, "remote computer 
can load the instructions into its dynamic memory and send the instructions over a 
telephone line via a modem" "Communication interface 918 provides a two-way data 
communication coupling to a network link 920 that is connected to a local network 922" 
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and "Network link 920 typically provides data communication through one or more 
networks to other data devices"); 

generating a virtual record including the M attributes selected from the data record, said 
virtual record comprising a virtual ID (VI D) for identifying the virtual record (Figures 10a- 
10c, column 12, lines 32-55 and column 15, lines 35-52); 

storing the generated virtual record in the database (column 3, lines 7-40, "storing, in 
the database an association of each resource to one or more of the roles", column 5, 
lines 13-20, column 12, lines 32-55 and column 15, lines 35-52); 
and providing the virtual ID token to the user device via the network, wherein the virtual 
ID token comprises the VID (Figures 1, 2 and 6-8, column 2, lines 42-67, column 5, 
lines 1-12 and column 26, lines 14-67, "remote computer can load the instructions Into 
its dynamic memory and send the instructions over a telephone line via a modem" 
"Communication interface 918 provides a two-way data communication coupling to a 
network link 920 that is connected to a local network 922" and "Network link 920 
typically provides data communication through one or more networks to other data 
devices"), 

wherein an attribute information providing server performs said receiving the request for 
the virtual ID token, said reading the data record from the database, said providing the 
data record to the user device, said receiving the selection of M attributes, said 
generating the virtual record, said storing the generated virtual record in the database, 
and said providing the virtual ID token to the user device (column 3, lines 7-40, "storing, 
in the database an association of each resource to one or more of the roles", column 5, 
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lines 13-20, column 11, lines 42-64, column 12, lines 32-55 and column 15, lines 35- 
52). 

3. Regarding claims 24 and 34, Win teaches receiving a request comprising the VID 
for attribute infonnation associated with the VID from an attribute information receiving 
apparatus via the network (Figures lOa-IOc, column 12, lines 32-55 and column 15, 
lines 35-52); 

reading the virtual record from the database in response to the request comprising the 
VID (column 3, lines 7-40, "storing, in the database an association of each resource to 
one or more of the roles", column 5, lines 13-20, column 11, lines 42-64, column 12, 
lines 32-55 and column 15, lines 35-52); 

and after said reading, providing the virtual record to the attribute information receiving 
apparatus via the network (Figures 1,2 and 6-8, column 2, lines 42-67, column 5, lines 
1-12 and column 26, lines 14-67, "remote computer can load the instructions into its 
dynamic memory and send the instructions over a telephone line via a modem" 
"Communication interface 918 provides a two-way data communication coupling to a 
network link 920 that is connected to a local network 922" and "Network link 920 
typically provides data communication through one or more networks to other data 
devices"), 

wherein the attribute information providing server performs said receiving the request 
comprising the VID, said reading the virtual record from the database, and sajd 
providing the virtual record to the attribute information receiving apparatus (column 2, 
lines 42-67, column 3, lines 7-40, "storing. In the database an association of each 
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resource to one or more of the roles", column 5, lines 13-20, column 12, lines 32-55 and 
column 15, lines 35-52). 

4. Regarding claims 25 and 35, Win teaches wherein said providing the virtual 
record to the attribute information receiving apparatus is performed in manner that 
ensures that the virtual ID is concealed from the attribute information receiving 
apparatus when the virtual record is received by the attribute information receiving 
apparatus (Figures 3b, 3c, 4, 5a-5e and 6, column 6, lines 41-54, column 8, lines 23-63. 
column 9, lines 41-60 and column 10, lines 41-63). 

5. Regarding claims 27 and 37, Win teaches after said providing the virtual record 
to the attribute information receiving apparatus: 

providing, by the attribute information providing server, an attribute certificate to the 
attribute information receiving apparatus in relation to a new transaction between the 
subscriber and the attribute information receiving apparatus, wherein the attribute 
certificate pertains to the M attributes in the virtual record provided to the attribute 
information receiving apparatus (column 5, lines 66 and 67, column 6, lines 1-9, column 
17, lines 28-37, column 19, lines 56-63 and column 22, lines 41-46). 

6. Regarding claims 28 and 38, Win teaches wherein the attribute information 
providing server comprises: 

a customer record display unit for displaying the virtual record (Figures 10a-10c, column 
17, lines 52-67 and column 18, lines 14-27); 



Application/Control Number: 1 0/568,51 3 Page 7 

Art Unit: 2131 

an attribute selection unit for extracting the M attributes from the data record prior to 
said generating the virtual record (Figures lOa-IOc, column 12, lines 32-55, column 15, 
lines 35-52 and column 16, lines 13-58); 

a virtual record generation unit for performing said generating the virtual record (Figures 
lOa-IOc, column 12, lines 32-55, column 15, lines 35-52 and column 16, lines 13-58); 
a VID token issue unit for performing generating the virtual ID token prior to said 
providing the virtual token ID to the user device (Figures 5a, 5b and 5e, column 2, lines 
42-67, column 10, lines 14-26 and 41-55, column 11 and lines 42-64); 
a virtual record referencing unit for referencing the virtual record based on the VID prior 
to said providing the virtual record to the attribute information receiving apparatus 
(Figures lOa-IOc, column 12, lines 32-55, column 15, lines 35-52 and column 16, lines 
13-58); 

and a virtual record issue unit for performing said providing the virtual record to the 
attribute information receiving apparatus (Figures 1 , 2 and 6-8, column 2, lines 42-67, 
column 5, lines 1-12 and column 26, lines 14-67, "remote computer can load the 
instructions into its dynamic memory and send the instructions over a telephone line via 
a modem" "Communication interface 918 provides a two-way data communication 
coupling to a network link 920 that is connected to a local network 922" and "Network 
link 920 typically provides data communication through one or more networks to other 
data devices"). 

7. Regarding claims 29 and 39, Win teaches wherein the VID token further 
comprises a URL of the attribute information providing server (Figures 3a-3c, column 5, 
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lines 13-21, 66 and 67, column 6, lines 1-9 and 58-65, column 7, lines 45-57, column 8, 
lines 5-63 and column 14, lines 34-43 and 56-67). 

8. Regarding claims 30 and 40, Win teaches wherein the attribute information 
providing server is selected from the group consisting of a financial institution, an 
Internet Service Provider (ISP), and a shopping site on the network (column 26, lines 
44-67). 

9. Regarding claims 31 and 41 , Win teaches receiving a selection of Ml attributes 
of the L attributes in the data record, wherein the Ml attributes are not identical to the M 
attributes (Figure 10b, column 3, lines 7-40, "storing, in the database an association of 
each resource to one or more of the roles", column 5, lines 13-20, column 11, lines 42- 
64, column 12, lines 32-55, column 15, lines 35-52 and column 26, lines 14-67, "remote 
computer can load the instructions into its dynamic memory and send the instructions 
over a telephone line via a modem" "Communication interface 918 provides a two-way 
data communication coupling to a network link 920 that is connected to a local network 
922" and "Network link 920 typically provides data communication through one or more 
networks to other data devices"); 

and storing a second virtual record in the database, wherein the second virtual record 
comprises the Ml attributes, and wherein the attribute information providing server 
performs said receiving the selection of M1 attributes and said storing the second virtual 
record in the database (column 3, lines 7-40, "storing, in the database an association of 
each resource to one or more of the roles", column 5, lines 13-20, column 11, lines 42- 
64, column 12, lines 32-55 and column 15, lines 35-52). 
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10. Regarding claims 32 and 42, Win teaches wherein the data record comprises a 
globally-unique ID (GID) serving as a primary key of the data record, wherein the VID is 
a primary key of the virtual record, and wherein the VID is independent of the GID 
(Figures lOa-IOc, column 12, lines 32-55, column 15, lines 35-52 and column 16, lines 
13-58). 

1 1 . Regarding claim 33, Win discloses a system comprising a processor and an 
attribute information providing server stored in a computer readable memory unit 
coupled to the processor (Figures 1, 2, 4, 9, column 25, lines 13-59), said attribute 
information providing server adapted to be executed on the processor to perform a 
method for providing attribute data, said method comprising: 

receiving a request from a user device via a network for a virtual ID token relating to 
attribute information pertaining to a subscriber associated with the user device (Figures 
5A, 5C, column 2. lines 42-67); 

responsive to the request for the virtual ID token, reading a data record from a 
database, said data record comprising L attributes of the subscriber, L being at least 2 
(Figures 5a, 5b and 5e. column 10, lines 14-26 and 41-55, column 11 and lines 42-64); 
providing the data record to the user device via the network (Figures 1, 2 and 6-8, 
column 5, lines 1-12 and column 26, lines 14-67, "remote computer can load the 
instructions into its dynamic memory and send the instructions over a telephone line via 
a modem" "Communication interface 918 provides a two-way data communication 
coupling to a network link 920 that is connected to a local network 922" and "Network 
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link 920 typically provides data communication through one or more networks to other 
data devices"); 

receiving, from the user device via the network, a selection of M attributes of the L 
attributes, M being less than L (Figures 1,2, 6-8 and 10b, column 5, lines 1-12 and 
column 26, lines 14-67, "remote computer can load the instructions into its dynamic 
memory and send the instructions over a telephone line via a modem" "Communication 
interface 918 provides a two-way data communication coupling to a network link 920 
that is connected to a local network 922" and "Network link 920 typically provides data 
communication through one or more networks to other data devices"); 
generating a virtual record including the M attributes selected from the data record, said 
virtual record comprising a virtual ID (VID) for identifying the virtual record (Figures 10a- 
10c, column 12, lines 32-55 and column 15, lines 35-52); 

storing the generated virtual record In the database (column 3, lines 7-40, "storing, in 
the database an association of each resource to one or more of the roles", column 5, 
lines 13-20, column 12, lines 32-55 and column 15, lines 35-52); 
and providing the virtual ID token to the user device via the network, wherein the virtual 
ID token comprises the VID (Figures lOa-IOc, column 12, lines 32-55 and column 15, 
lines 35-52). 
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Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) wliicli forms tlie basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the Invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 

USPQ 459 (1966), that are applied for establishing a background for determining 

obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

Claims 26 and 36 are rejected under 35 U.S.C. 103(a) as being unpatentable 

over Win as applied to claims 23 and 33, respectively, as cited above, and further in 

view of United States Patent No. 6,834,272 to Naor et al., hereinafter Naor. 

12. Win significantly discloses the claimed invention as cited within claims 23 and 33, 
respectively; however Win fails to disclose the limitations found within claims 26 and 36. 
Naor discloses these limitations, as cited below. 

13. Regarding claims 26 and 36, Naor teaches wherein said providing the virtual 
record to the attribute information receiving apparatus is performed using a 1-out-of-N 
OT (Oblivious Transfer) protocol (Figures 5 and 7, column 11, lines 30-67, column 12, 
lines 1-3 and 34-44, column 13, lines 42-55, column 17, lines 35-66 and column 19, 
lines 52-64). 
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14. Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate the teachings of Naor within the teachings 
of Win in order for "any number of parties, via a center, to collectively compute any 
function in a manner that preserves the privacy of the individual private inputs of the 
parties to the collective computation, even after the computation of the function has 
been completed" {Naor- column 4, lines 46-58). 

Conclusion 

15. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

16. The following United States Patents and Patent Application Publication are cited 
to further show the state of the art with respect to the protection and usage of credential 
information, such as: 

United States Patent No. 6,915,271 to Meyer et al., which is cited to show a 
method and system for redeeming dynamically and adaptively characterized 
promotional incentives on a computer network. 

United States Patent No. 5,903,721 to Sixtus which is cited to show a method 
and system for secure online transaction processing. 

United States Patent No. 6,161,139 to Win et al., which is cited to show 
administrative roles that govern access to administrative functions. 

United States Patent No. 6,182,142 to Win et al., which is cited to show 
distributed access management of information resources. 
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United States Patent No. 6,505,300 to Chan et al., which is cited to show a 
method and system for secure running of untrusted content. 

United States Patent No. 6,542,927 to Rhoads, which is cited to show the Uniting 
of computers based on steganographically embedded digital data. 

United States Patent No. 6,615,258 to Barry et al., which Is cited to show an 
integrated customer interface for web based data management. 

United States Patent No. 6,714,979 to Brandt et al., which is cited to show a data 
warehousing infrastructure for web based reporting tool. 

United States Patent No. 4,926,479 to Goldwasser et al., which is cited to show a 
multiprover interactive verification system. 

United States Patent Application Publication No. US 2001/0055388 to Kaliski, 
JR. which is cited to show server-assisted regeneration of a strong secret from a weak 
secret. 

17. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeremiah Avery whose telephone number is (571) 272- 
8627. The examiner can normally be reached on Monday thru Friday 8:30am-5pm. 

18. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

1 9. Infomnation regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
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Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



JLA 
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